<?php
include_once('common/header.php');
if($AppUI->id <=0 ){
	Vfriend_Function::redirect(HOST_BACKEND);
}
$strPasswordOld 	= $objRequest->getParam('ppassword_old', '');
$strPassword 		= $objRequest->getParam('ppassword', '');
$strPasswordConf 	= $objRequest->getParam('ppassword_confirm', '');
$intAdminId			= $objRequest->getParam('padminid', 0);
$strUsername		= $objRequest->getParam('pusername', '');
$intError			= 0;
$objAdmin			= new Admin();
if($intAdminId	== 0) {
	if(trim($strPasswordOld) == '') $intError = 13;
	$arrInfo = $objAdmin->get($AppUI->id);
	if($arrInfo && $arrInfo->password != $strPasswordOld) $intError = 15;
} else {
	if((isset($_SESSION['admin']) && ($_SESSION['admin']&1<<2)==0) || ($AppUI->id > 0 && $AppUI->type < 1))
		Vfriend_Function::redirect(HOST_BACKEND);
}
if(trim($strPassword) == '') $intError = 7;
if($strPassword != '' && (strlen($strPassword) < 5 || strlen($strPassword) > 30)) $intError = 8;
if($strPassword != '' && $strPassword != $strPasswordConf) $intError = 9;
if($intError == 0) {
	if($intAdminId > 0) {
		$intError = $objAdmin->updatePassword($AppUI->id, $intAdminId, $strUsername, md5($strPassword));	
	} else {
		$intError = $objAdmin->updatePassword(0, $AppUI->id, $AppUI->username, md5($strPassword));	
	}
	if($intError > 0) {
		$intError = 14;
	}
	else {
		Vfriend_Function::setMsg($arrMessage[3]);
		Vfriend_Function::redirect(HOST_BACKEND . 'index/list');
	}
}
if($intError > 0) {
	Vfriend_Function::setError($arrError[$intError]);
	if($intAdminId == 0) {
		Vfriend_Function::redirect(HOST_BACKEND . 'index/changepass');
	}
	else {
		Vfriend_Function::redirect(HOST_BACKEND . 'index/achangepass?adminid=' . $intAdminId);
	}
}
?>